01 OVERVIEW OF AUDIT

ASSURANCE is the practitioner’s satisfaction as to reliability of an assertion; Assurance engagement is an engagement when a practitioner expresses a
conclusion and enhance the decision making of users; and Assurance services is an independent professional service in which a practitioner issues a written
communication that expresses a conclusion.

Assurance Engagement Non-assurance Engagement ● Assertion-based engagements (Attestation

Output: assurance in the form
of an opinion
To improve the quality or
enhance credibility of the
subject matter
Three-party contract
Independence is required
Audit, review, and examination
Output: recommendation
To provide comments, suggestions, or
recommendations
Two-party contract
Independence is not required
AUP, compilations, tax, Consulting
engagement) evaluation or measurement of
the subject matter made available to the users;
● Direct-reporting engagements the practitioner
either directly performs the evaluation or
measurement or obtains a representation from
the responsible party, not made available to the
users.
Source: REO Handouts

RELATIONSHIPS AMONG AUDITING, ATTESTATION, AND ASSURANCE ELEMENTS OF ASSURANCE ENGAGEMENT:

● SIMILARITY: they encompass the same decision-process
● DIFFERENCE: Scope of services
AUDITOR ultimately determines the scope
of audit for him to be more effective
MANAGEMENT is primarily responsible for
the financial statements.
1. THREE-PARTY RELATIONSHIP (involving a practitioner [who verifies
assertions], a responsible party, and intended users)
2. APPROPRIATE SUBJECT MATTER (ex. F/S, operational performance,
compliance matters). It must be identifiable with consistent evaluations.
3. SUITABLE CRITERIA (PFRS, Laws and Regulations, Quality Standards)
CR-RUN: Completeness, Relevance. Reliability Neutrality, Understandability
4. SUFFICIENT APPROPRIATE EVIDENCE - Substantiation by the RP
(1) Professional Skepticism (2) Materiality (3) Assurance Engagement Risk
(4) Cost-benefit Relationship
Sufficiency - quantity of evidence. Appropriateness - quality of evidence.
5. WRITTEN ASSURANCE REPORT (Audit Report)
*RP and IU may be from the same entity or diff entities.
*IU may include RP.

Professional Skepticism: Auditor assumes that management is neither honest nor dishonest.
Auditor cannot obtain absolute assurance because of:
Theoretical Framework of Audit (VIC BPI) - (According to nature of assertions)
Data are Verifiable Auditor’s Independence REGULATOR’S REQUIREMENTS:
1. Gross Sales, Earnings and Receipts that exceed 3M shall have their
No long-term Conflict between auditor and management books of account audited yearly by independent CPA.
Audit benefits the public Effective internal control system 2. Submit Annual FS if TA/TL is >600,000 for stock corporations.

ASSURANCE ENGAGEMENTS NON-ASSURANCE ENGAGEMENTS

AUDIT REVIEW AGREED-UPON COMPILATION
(e.g. audit of FS) (e.g. review of FS) PROCEDURES ENGAGEMENT
References PSAs and PAPS PSREs and PREPS PSRSs and PRSPS PSRSs and PRSPS
Audit of historical Review of historical financial Agreed-upon procedures information and other related services
Application
financial information information engagements as specified by AASC
Express an Express a conclusion whether Perform procedures as agreed upon
Use accounting expertise to
opinion whether the FS material with the client and third parties and
Objective collect, classify and
are prepared in modifications are to be made to the report on factual findings (client is
summarize FS
accordance with PFRS FS to conform with PFRS involved)
Ethical Independence plus COBID only (no
Independence plus COBID COBID only (no independence)
requirement COBID independence)
No assurance (to the extent of
Level of High but not absolute Moderate (limited)
agreed only), because we didn’t No assurance
assurance (reasonable) Limited to Inquiry & AR
solely decide
Procedures are Exclusively by the May or may not be agreed
Exclusively by the auditor Agreed-upon by parties
determined by auditor by the parties
Report Independent Auditor’s
Report on Factual and Summary of
Provided Report (positive form) – Review Report (negative form) Compilation Report
Findings
(End Product) RP
Availability of For limited use only (since only
To all users To all users To all users
report limited accounts are assessed)
✓ Comparing FS with budgets and
✓ Consulting or advisory
forecasts ✓ Consulting or advisory services
services
Procedures ✓ Studying relationships of FS ✓ Readers will give their own
✓ Readers will give their
✓ Inquiring management about actions conclusions
own conclusions
at BOD meetings
TYPES OF AUDIT ACCORDING TO NATURE OF ASSERTION/DATA
FINANCIAL STATEMENT AUDIT OPERATIONAL AUDIT COMPLIANCE AUDIT
ASSERTIONS Financial statements are fairly Operations are conducted Activities complied with applicable laws, rules,
presented efficiently and effectively regulations, contracts or management policy
SUITABLE CRITERIA GAAP or any other identified financial Objective set by the management Applicable contracts, rules, regulations, laws,
reporting framework or management policy
REPORT An opinion whether the financial Report on efficiency and Degree of compliance with applicable laws,
statements are fairly presented in effectiveness. This will also rules, regulations or management policy.
conformity with an identified financial include recommendations to
reporting framework improve operations.
GENERAL PERFORMED BY External auditors Internal auditors Government auditors

02 AGREEING THE TERMS OF AUDIT ENGAGEMENT

The objective of the auditor is to accept or continue an audit engagement only when:
Preconditions of the confirming that there is a common understanding
audit is present between the auditor and management
ENGAGEMENT LETTER
- is written to avoid misunderstandings regarding the engagement.
- It is not always required; applied to all assurance engagements.
- Common responsibilities of auditor and management.

If the auditor is UNABLE to agree to a change in terms of the audit engagement

and is NOT permitted to continue:
1. Withdraw from engagement; and
2. Determine whether there is any obligation, either contractual or otherwise,
to report the circumstances to other parties, such as TCWG, owners or
regulators.

CHANGES IN NATURE OF ENGAGEMENT:
● Assurance to non-assurance - not allowed
● Reasonable Assurance to Limited assurance
(lower) - Generally, not allowed unless justified
(diagram)
PLANNING ACTIVITIES: In order to reduce audit risk to an acceptably low level:
1. Establish an overall audit strategy
2. Develop an audit plan
a. Nature, Timing & Extent of Risk Assessment Procedures
b. Nature, Timing & Extent of Final Assessment Procedures
i. Test of Controls - operating effectiveness
ii. Substantive Testing – Test of Details and Analytical Procedures
AUDIT PROCESS: A MORE DETAILED APPROACH

AUDIT PROCESS: GENERAL APPROACH

AUDIT PROCEDURES: RESPONSE TO ASSESSED RISKS

RISK ASSESSMENT PROCEDURES FURTHER AUDIT PROCEDURES:
1 When obtaining an understanding of relevant internal control: Perform tests of controls
1. Evaluate the design. Objective: to obtain SAAE as to the operating effectiveness:
2. Determine whether it is implemented. 1. auditor intends to rely on internal control to reduce Substantive Test
2. substantive Test will not provide SAAE
Specific audit procedures include:
1. Inquiring of entity personnel Specific audit procedures:
2. Observing the application of specific controls 1. Inquiry 3. Inspection
3. Inspecting documents and reports 2. Observation 4. Reperformance
4. Analytical Procedures
2 Make an initial assessment of control risk (high or less than high) Make a re-assessment of control risk
Perform substantive tests
3 Identify relevant controls
• Irrespective of the assessed risk of material misstatement
AUDIT PROCEDURES ACCORDING TO TYPES (SPECIFIC PROCEDURES):
RISK TEST OF SUBSTANTIVE
PROCEDURE DEFINITION
ASSESSMENT CONTROL TEST
Inspection examining records ✓ ✓ ✓
Observation looking at a process to confirm the information given to us ✓ ✓ ✓
Inquiry seeking info of knowledgeable persons ✓ ✓ ✓
External Confirmation received by auditor as a direct response to the auditor ✓
Recalculation mathematical accuracy ✓
Reperformance redoing the same control procedure ✓
Analytical Procedures Evaluate the reasonableness of FI ✓ ✓

Re-assessment of
Audit approach Effect on substantive tests
control risk
• Less effective procedures
Assessment remains Reliance
• Interim testing may be appropriate.
at less than High approach
• Smaller sample size
• More effective procedures
Assessment is Switch to no
• Tests moved to nearer or at year-end.
changed to High/Max reliance approach
• Larger sample size

03 AUDIT PLANNING AND ASSESSING THE RISK OF MATERIAL MISSTATEMENT

● The overall audit strategy sets the scope, timing and direction of the audit and guides the development of audit plan.
● Audit Planning Memorandum – shows the summary of overall audit strategy.
 1 In making a decision whether to accept or reject an engagement, the auditor’s firm should consider the following:

Competence Independence Integrity of the Client • Integrity examples:

a. The client’s standing in the business community.
Ability to Serve the Client Properly (Auditability) b. The client’s relations with its previous CPA firm.
c.

2 Perform procedures regarding acceptance

or continuance of the client relationship.

3 Establish an understanding of the terms of the engagement 4 Understanding the entity and its environment

○ Nature of the entity, purpose and nature of FS, laws - To identify and assess RoMM
and regulations • Review of prior year’s WP & a tour
• Discussion with people within and outside the entity
• Reading books, periodicals and other publications
The auditor develops an overall strategy for the audit,
5 • Reading corporate documents/internal audit reports
including engagement staffing and specialists.
MATTERS TO CONSIDER IN AUDIT STRATEGY:
1. Important characteristics of entity;
2. Conditions needing attention; RPT
3. Setting of materiality levels.

04 MATERIALITY IN PLANNING & EVALUATION OF MISSTATEMENT

- is the amount of threshold or cut-off point; is flexible and can be revised throughout the audit but must be documented.
- Is applied to both (a) planning & performing an audit and (b) evaluation the effect of identified misstatement.

Matter of professional judgement Affected by size and nature of entity Based on a consideration of the financial
information needs of users of the FS
LEVELS OF MATERIALITY
1. Materiality at financial statement as a whole (overall materiality, general materiality)
- applicable to entire set of FS and no specific account in the standards; it is the smallest aggregate level; [Benchmark x %]
- It helps us to determine whether the proposed audit adjustment is significant or not; matched to PAJE.
- the auditor considers the following factors:
Component of FS Focus on the users Nature of entity
Ownership structure Volatility of the benchmark Laws and regulations

2. Materiality applied to specific classes of transactions, account balance or disclosures (specific or individual materiality)
- materiality level for individual or particular class of transactions; [benchmark x %]
- lower than overall materiality
- the auditor considers the following factors:
Laws and regulations Key industry Disclosures Understanding of the view of those charge
Financial Reporting Framework Particular aspect of business with governance

3. Performance materiality
- calculated as a certain percentage of overall materiality. The following factors may affect auditor’s judgement.
Nature of the entity’s business and Nature and extent of misstatements
Risk Assessment Procedures (RAP)
transactions identified in previous audit

RISK RESPONSES TO MATERIALITY

● In the presence of Inherent and Control Risk, more intense substantive testing is If management refuses to correct some misstatement:
required and a SMALLER detection risk (entity is red flag, so need more misstatements) • Obtain understanding of management reasons; and
● SMALLER Materiality levels = more intense Substantive Testing = most reasonable • Take the understanding where evaluated whether
assurance (since most likely, you’ll find more misstatements with lower materiality) financial statements as a whole are free from MM.
● Materiality is inversely related to Audit Risk, and is directly related with Detection risk

EVALUATION OF MISSTATEMENTS
- The auditor is required to request management to correct those misstatements. The OBJECTIVE of the auditor is to evaluate:
The effect of identified misstatements on the audit The effect of uncorrected misstatements, if any, on the financial statements
- The audit documentation shall include:
a) The amount below which misstatements would be regarded as CLEARLY TRIVIAL;
b) ALL MISSTATEMENTS accumulated during the audit and whether they have been corrected; and
c) The auditor’s conclusion as to whether uncorrected misstatements are material, individually or in aggregate, and the basis for that conclusion.
ANALYTICAL PROCEDURES
- means evaluations of financial information through analysis of plausible relationships among both financial and nonfinancial data.
- The auditor shall design and perform analytical procedures near the end of the audit.
- The objectives of the auditor are:
to obtain relevant and reliable audit evidence when using to design and perform analytical procedures near the end of the audit that assist
substantive analytical procedures the auditor when forming an overall opinion conclusion

RELATED PARTY
- The auditor shall inquire of management regarding:
The identity of the Whether the entity If so, the type and Inspect the terms of Transactions are
The nature of
entity’s related entered into any purpose of the contracts if authorized and
relationships
parties transactions transactions consistent approved
- During the audit, the auditor shall remain alert, when inspecting records or documents, for arrangements or other information that may indicate
the existence of related party relationships or transactions and the auditor shall evaluate:
Whether the identified related party relationships and Whether the effects of the related party relationships and transactions:
transactions HAVE BEEN APPROPRIATELY i. Prevent the financial statements from ACHIEVING FAIR PRESENTATION (for fair
ACCOUNTED for and disclosed in accordance with the presentation frameworks); or
applicable financial reporting framework. ii. Cause the financial statements TO BE MISLEADING (for compliance frameworks).

USING THE WORK OF INTERNAL AUDITORS AUDITOR’S EXPERT

The external auditor shall determine whether the work of the internal audit can be used for audit by evaluating the field is other than accounting whose
following: word is used by auditor.
a. The extent to which the internal audit function’s organizational status and relevant policies and procedures
MANAGEMENT’S EXPERT
support the objectivity of the internal auditors;
work is used by the entity.
b. The level of competence of the internal audit function; and
c. Whether the internal audit function applies a systematic and disciplined approach, including quality control. No reference to expert’s work.
ANALYTICAL PROCEDURES OBJECTIVE OUTCOME REQUIRED?
1. Planning (Risk Assessment - To identify deficiencies; To determine the nature,
Identification of risk areas YES
Procedures) timing & Extent of audit; Identify specific risks
2. Substantive
a. Analytical Procedures - To detect materials misstatements Identify relationships that lead to inquiry or
NO
b. Test of details - To obtain corroborative evidence reperformance

3. Completion Stage/Final - To assess the validity of conclusion Check if Relationship of accounts are
Review YES
consistent or not
05 AUDIT RISK
AUDIT RISK is the risk that the auditor expresses an inappropriate opinion; auditor unknowingly fails to modify an opinion on materially misstated financial
statement.
RISK OF MATERIAL MISSTATEMENT (ROMM) RISK OF NOT MATERIAL MISSTATEMENT
1. INHERENT RISK - you haven’t done any, but there is already risk. 3. DETECTION RISK - is the risk that the auditor’s ST will not detect a
Generally, beyond the auditor or management’s control, this is misstatement that exists. DR and ST are inverse. If acceptable level of
subjective. DR is low, ST is high:
a. Nature – Provide more effective Procedures (Use Proof of Cash
2. CONTROL RISK – mostly controlled by management, MM will not be instead of Simple Reconciliation)
prevented or detected by client’s internal control. b. Timing – Closer or nearer to year-end (Revenue and Receipt Cycles)
c. As to Extent – Use a larger Sample Size (Sales and Purchases)
Control risk at a high level when:
(1) The entity’s internal control system is not effective;
(2) Evaluating the operating effectiveness of the entity’s controls would not be efficient.

5 OVERALL RESPONSES TO ADDRESS THE RISK OF MATERIAL MISSTATEMENTS:

Making general changes to the NTE Assigning more experienced staff or those with special skills Provide more supervision
Unpredictability (more effective) e.g. cash count Emphasize the need to maintain professional skepticism

06 INTERNAL CONTROLS
INTERNAL CONTROL (IC) - to provide reasonable assurance about the achievement of an entity’s objectives. It is a process.
Used to achieve entity’s objective regarding:
1. Reliability of financial reporting
2. Effectiveness and efficiency of operations
3. Compliance with laws and regulations
Inherent limitations: [COC CHA]
1. Cost-benefit relationship
2. Management Overriding the internal control.
3. Collusion among employees.
4. Changes in conditions, and compliance with
procedures may deteriorate.
5. Human error (mistakes in judgement)
6. Most internal controls tend to be directed at
Anticipated types (routine transactions)
Responsibilities:
Management: to design, implement and maintain internal control
TCWG/BOD: to ensure the integrity of accounting and financial reporting systems
Staff personnel: to perform their respective functions
Classification of internal control
1. By objectives: (control - achieve)
a. Financial reporting controls - reliability of financial reporting objectives.
b. Operational effectiveness controls - operational effectiveness objective.
c. Compliance controls - compliance.
2. According to functions
a. Preventive controls - to deter problems
b. Detective controls - to discover problems
c. Corrective controls - to remedy problems
COMPONENTS OF INTERNAL CONTROL: [CRIME]
1. CONTROL ENVIRONMENT - the overall tone of the organization. Control Activities [APIPS]
Examples are: [IM CPA HO] Authorization
a. Integrity and ethical value Performance Review
b. Management’s philosophy and operating style Information Processing
c. Commitment to competence Physical Controls
d. Participation by those charged with governance Segregation of duties
e. Assignment of authority and responsibility Segregation of Duties [ICARE]
f. Human resource policies and procedures Independent Checks & Balances
g. Organizational structure Custody over Assets
2. RISK ASSESSMENT - management’s basis to determine the risks to be Authority over Transactions
managed. To do that: (IAM) Record over transactions
a. Identify business risks Execution of Transactions
b. Assess the likelihood of their occurrence
c. Decide how to Manage them. C/R/M Indirect controls (pervasive) CR at FS level
3. INFORMATION AND COMMUNICATION SYSTEMS – initiate,
I / E Direct control (transaction-specific) CR at assertion level
record, process and report transactions
4. MONITORING - assessing the quality of internal control performance over time.
a. Ongoing – day-to-day operations (transaction authorization)
b. Separate evaluation: periodic (internal audits)
5. EXISTING CONTROL ACTIVITIES – includes human resource policies and practices relative to recruitment, orientation, training, evaluating,
counseling, promoting, compensating and remedial actions.

GENERAL AUTHORIZATION applies to routine transactions, whereas
SPECIFIC AUTHORIZATION applies to non-routine transactions.
At a minimum, CAR should be segregated. But to have an optimum
segregation of duties, ICARE should be segregated.
TESTS OF CONTROLS - are tests performed to test the operating effectiveness
(at least every third audit). Unlike substantive tests of details, tests of controls
are not required audit procedure.
✓ Analytical procedure is never in Test of Controls.

WHEN ARE THEY NECESSARY? – These are tests performed to check and gather evidence as to the operating effectiveness of relevant controls if they expect
the controls to be effective and or if they expect that substantive tests alone cannot provide sufficient appropriate audit evidence at the assertion level.

REQUIRED DOCUMENTATION – no particular form of documentation is necessary. (e.g client’s organization structure).
INTERNAL CONTROL NARRATIVES – understanding of the information system or specific FLOWCHARTS –
QUESTIONNAIRE control policies or procedures. auditor’s understanding of the system.
Compensating control – a control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control objective.
 TEST OF CONTROL SUBSTANTIVE TESTS

The auditor shall design and perform Test of Control to obtain sufficient
appropriate audit evidence when: ST procedures are performed in order to detect material misstatements at the
• Expectations that the controls are operating effectively; and assertion level, and include (1) Test of Details of classes of transactions,
• Substantive procedures alone cannot provide. account balances and disclosures and (2) Substantive Analytical Procedures.

TOC is concerned primarily with each of the ff: When the auditor has determined that an assessed risk of material
• How were the controls applied? misstatement at the assertion level is a significant risk, the auditor shall
• Were the necessary controls consistently performed? perform substantive procedures that are specifically responsive to that risk.
• By whom were the controls applied?

OVERALL RESPONSES

Emphasizing to the audit Assigning more Incorporating additional Making general

team the need to experienced staff or Providing more elements of unpredictability in changes to the nature,
maintain professional those with special skills supervision the selection of further audit timing, or extent of
skepticism; or using experts; procedures to be performed; audit procedures

SUMMARY OF RESPONSES AT THE ASSERTION LEVEL

FACTOR TEST OF CONTROL SUBSTANTIVE TEST
1. NATURE
PURPOSE: To test the operating effectiveness of control To detect material misstatement (always required)
Test of Details, Transactions & Test of Balances & Analytical
TYPES: Inquiry, Observation, Inspection, Reperformance
Procedures
At a period in time Interim, ↓ RoMM (more detailed)
2. TIMING
In period of time Year-end, ↑ RoMM
More extensive, ↓ CR (more evidence needed) Less extensive, ↓ RoMM
3. EXTENT
Less extensive, ↑ CR More extensive, ↑ RoMM
↑ RMM means internal control has issues. Source: CPAR Notes
07 AUDIT EVIDENCE
AUDIT EVIDENCE refers to all the
information used by the auditor in
arriving at the conclusions on which
the audit opinion is based.
An AUDIT PROGRAM is detailed listing of
NTE of planned audit Audit procedures
(ToC/ST) that the auditor will perform to
gather appropriate evidence.

AUDIT PROCEDURES FOR OBTAINING AUDIT EVIDENCE

1. RISK ASSESSMENT PROCEDURES – to obtain an understanding of the entity and its
environment to assess the RoMM at the FS and assertions level.
2. FURTHER AUDIT PROCEDURES – to design and perform audit procedures whose NTE are
responsive to the assessed RMM.
i. Tests of Controls – to test the operating effectiveness of relevant controls.
ii. Substantive Testing – to detect material misstatements at the assertion level.
1. Tests of details examining or obtaining audit evidence on the actual details of account
balance
a. Test of transactions - testing of the transaction that leads to EB.
b. Tests of balances - direct testing of accounts ending balance
2. Substantive analytical procedures (Analytic review procedure) are used to
evaluate the reasonableness of financial info.
• Accordingly, the extent of Substantive Testing depends on the level of Detection Risk determined by the auditor.

ASSERTIONS (or management assertions)

- are representations by management, explicit or not. These assertions relation to the fairness of presentation of the FS; thus, they are directly related
to applicable reporting framework.
Assertions about CLASSES OF TRANSACTIONS
and events for the period
a. OCCURRENCE – transactions and events that
have been recorded have occurred and pertain to
the entity;
b. COMPLETENESS – all transactions and events
that should have been recorded have been
recorded;
c. ACCURACY – amounts and other data relating to
recorded transactions and events have been
recorded appropriately;
d. CUTOFF – transactions and events have been
recorded in the correct accounting period; and
e. CLASSIFICATION – transactions and events have
been recorded in the proper accounts.
Assertions about ACCOUNT BALANCES at the
period end
a. EXISTENCE – assets, liabilities and equity
interests exist.
b. RIGHTS AND OBLIGATIONS – the entity holds or
controls the rights to assets, and liabilities are
obligations of the entity.
c. COMPLETENESS – all assets, liabilities and
equity accounts that should have been recorded
have been recorded.
d. VALUATION AND ALLOCATION – assets,
liabilities and equity interests are included in the
financial statements at appropriate amounts and
any resulting valuation or allocation adjustments
are appropriately recorded.
Assertions about PRESENTATION AND
DISCLOSURE
a. OCCURRENCE AND RIGHTS AND OBLIGATIONS
– disclosed events, transactions and other
matters have occurred and pertain to the entity.
b. COMPLETENESS – all disclosures that should
have been included in the financial statements
have been included.
c. CLASSIFICATION AND UNDERSTANDABILITY –
financial information is appropriately presented
and described, and disclosures are clearly
expressed.
d. ACCURACY AND VALUATION – financial and
other information are disclosed fairly and at
appropriate amounts.
CLASSIFICATION OF AUDIT EVIDENCE:
1. Examples of ACCOUNTING RECORDS (Underlying data):
a. Records of initial accounting entries.
b. Supporting records, such as checks and records of electronic fund
transfers, invoices, and contracts.
c. General and subsidiary ledgers.
d. Journal entries and other adjustments to the financial statements that are
not reflected in formal journal entries.
e. Records such as worksheets and spreadsheets supporting cost
allocations, computations, reconciliation, and disclosures.
2. Examples of SOURCE DOCUMENTS (Other information):
a. Documents (such as checks bank statements, contracts, and minutes of
meetings).
b. Information/evidence
c. Information obtained by the auditor. Nature Its purpose (TOC/ST), its type
d. Other information developed by, or available to, the auditor. Timing when to perform the audit procedure
Extent quantity to be performed or the extent of testing

DIRECTION
OF TESTING

The auditor may need to rely on audit evidence Most reliable – purely
that is persuasive rather than conclusive. external; Least
reliable – purely
internal

MANAGEMENT EXPERT
A management expert is an individual or organization possessing expertise in a field other than accounting or auditing.
Auditor’s use of work of an expert: Among his services:
1. Assess the appropriateness of the expert’s work as audit evidence 1. Valuation of certain types of assets
2. If it does not provide SAAE, then auditor should resolve the matter. 2. Legal opinions regarding interpretation of statutes
3. When issuing unmodified, the auditor should not refer to his work. 3. Determination of accounting methods in inventory
EXTERNAL CONFIRMATIONS (PSA 505)
POSITIVE CONFIRMATION REQUEST NEGATIVE CONFIRMATION REQUEST
Reply if agree or disagree Reply only if disagree
Small number, large balances Large number, small balances
ICS is weak, inadequate ICS is effective & adequate
IR ↑ CR ↑, DR ↓ IR ↓, CR ↓, DR ↑
Customer is unlikely to respond Customer is likely to respond
Substantial (material) may be in dispute Small number of accounts maybe in dispute
1. Send a second request.
2. Perform alternative procedures Non-response means AGREEING to the item
a. examination of sub cash collections confirmed by the auditor
b. examination of source documents (shipping documents)

AUDIT DOCUMENTATION (PSA 230)

also known as Audit The working papers Retained for 5 years before deletion (7 years in SRC) For Tax purposes, the
Working papers
Working Papers; provide should ideally be retention period is
are the property
the principal support for cross-referenced to 60d after the date of auditor’s report is the limit to extended to 10 years per
of the auditor.
the auditor’s report; facilitate navigation. complete the assembly of final audit file. RR 15 2010.

SPECIFIC CONSIDERATIONS FOR SELECTED ITEMS:

INVENTORY
• When inventory is material to the financial statements
o Attendance at physical inventory counting
o Performing audit procedures over the entity’s final inventory records
• the auditor shall make or observe some physical counts on an
alternative date; if impracticable, the auditor shall perform alternative
audit procedures to obtain sufficient appropriate audit evidence
regarding the existence and condition of inventory.
• If under the custody of third party,
o Request confirmation from the third party as to the quantities and
condition; and
o Perform inspection or other audit procedures appropriate in the
circumstances
• Inventory Tags → Inventory List: Doc to Record: COMPLETENESS
• Inventory List → Inventory Tags: Records to Doc: VOUCHING
LITIGATIONS AND CLAIMS
• Inquiry of management and others within the entity; Reviewing minutes
of meetings of TCWG; and reviewing legal expense accounts.
• The auditor shall seek direct communication with the entity’s external
legal counsel through a letter of general inquiry.
• The auditor considers the status of legal matters up to the DATE OF THE
AUDIT REPORT.
AUDITING ACCOUNTING ESTIMATES (PSA 540)
• Management is responsible for making accounting estimates and
disclosures included in financial statements; RoMM is greater.
• Accounting estimates should be (1) Reasonable in the circumstances
and (2) Properly accounted for and appropriately disclosed as required.
• Accounting estimate audit procedures: (1) Review and test the process,
(2) Use an independent estimate & (3) Review subsequent events and
confirm the estimate.
08 AUDIT SAMPLING
SAMPLING is testing of less than 100% of the items. Audit sampling applying audit procedures to less than 100% of the items.
Sampling plan refers to the procedures an auditor applies to accomplish a sampling application.

Responses of the auditor:

If the auditor is willing to tolerate more risk
Generally, the more an auditor relies on the
(tolerable deviation rate), the sample size
controls, the sample size should increase.
should decrease.
If the auditor is willing to impose more risk on
the population (expected deviation rate), the
sample size should increase.

Sampling risk the possibility that the auditor’s conclusion based on a sample may be different. To reduce:
Sample selection method Sample Size Projection

Non-sampling risk: all aspects of audit risk that are not due to sampling.

APPROACHES TO AUDIT SAMPLING

TOC ST

Tolerable Error Amount Tolerable Deviation Amount

TOLERABLE
It is the maximum rate of deviation It is the maximum total error in population
ERROR
from the prescribed control procedure. that the auditor is willing to accept

Expected Error Amount Expected Deviation Amount

EXPECTED
It is the auditor's best estimate of the It is the auditor's best estimate of the
ERROR
rate of deviation amount of error

TEST OF CONTROL SAMPLE 100%

TOO HIGH
Efficiency is being questioned here.
TOO LOW
Effectiveness is being questioned here.
SDR = Sample Deviation Rate
SDR > TDR = CR↑ = DR↓ (more sub) Actual DR < TDR = CR↓ = DR↑ (you do a lot more)
Nature = More detailed Nature = less detailed
Timing = Year-end Timing =interim
Extent = More extensive Extent = less extensive
SDR < TDR = CR↓ = DR↑ Actual DR > TDR = CR↑ = DR↓
Nature = less detailed Nature = more detailed
Timing = interim Timing = year-end balances
Extent = less extensive (less SZ) Extent = more extensive
Source: CPAR notes
TYPES OF SAMPLING RISKS: (I ALPHA RHUI)
Type TEST OF CONTROLS SUBSTANTIVE TESTING Sacrificed
Risk of assessing CR too High Risk of incorrect Rejection
Efficiency
ALPHA RISK Sample: CR ↑ Sample: xx is incorrect (Under reliance)
Type I error Population: CR ↓ Population: xx is correct

DR ↑ – ST ↑ IC is not reliable. Control Risk is higher than it Materially misstated, when in fact it is not materially
actually is. misstated.

Risk of assessing CR too low Risk of incorrect acceptance

Effectiveness
BETA RISK Sample: CR ↓ Sample: xx is correct (over reliance)
Type II error Population: CR ↑ Population: xx is incorrect

DR ↓ – ST ↓ IC is reliable. Control Risk is lower than it actually Not materially misstated, when in fact materially
is. misstated.

Applicable Sampling Attribute sampling – used to test an entity’s rate of Variables sampling - numerical quantity of a
Approaches deviation (or rate of occurrence) population.

THREE CLASSICAL VARIABLES SAMPLING:

MEAN-PER-UNIT ESTIMATION RATIO ESTIMATION DIFFERENCE ESTIMATION
estimate = average sample value x number of items uses the ratio of the audited (correct) values of uses the average difference between the audited
in population items to their book values (correct) values of items and their book values.

The Sample Size is determined by considering the following factors:

TOC ST Relationship to SZ
RISK OF ASSESSING CONTROL TOO LOW
Acceptable Sampling Risk Inverse
• Sampling Risk – inverse relationship between the risk and the sample size.
TOLERABLE DEVIATION RATE
Tolerable misstatement/error Inverse
• This is the maximum deviation rate that the auditor is willing to accept.
EXPECTED POPULATION DR
• The rate of deviation from prescribed control procedure the auditor expects to Expected Population M/E Direct
find in the population.
● Substantive Procedures – more intense substantive tests will mean that less sampling will be necessary (i.e., the less the sample, the larger the substantive
tests must compensate)
● Anomalous error – those that arise from isolated events.
● Missing – do additional audit procedure or treat it as deviation; Void – select the next number

PRINCIPAL SAMPLE SELECTION METHODS

1. Random-number sampling – each item in the population has an equal chance and nonzero probability selection.
2. Systematic selection - the number of sampling units in the population is divided by the sample size to get the sampling interval.
3. Block selection (or cluster sampling) - involves selecting a block(s) of contiguous items from within the population.
4. Haphazard selection - selects the sample without regard to their size, source or other distinguishing characteristics (no bias)
5. Stratification - grouping of items of similar size and each group is treated as a separate population; least desirable by auditor.
6. Value-weighted selection - high value, less chances
7. Discovery sampling – for suspicion of fraud. The auditor is concerned that a population may contain exceptions; at least one such exception is okay.
8. Stop-or-go (Sequential sampling)- auditor expects few errors. Until we get sufficient evidence from sample, we continue to add.

09 COMPLETING THE AUDIT

PROCEDURES DESCRIPTION/CONCERNS MANAGEMENT’S RESPONSIBILITY AUDITOR’S RESPONSIBILITY
1. Identifying The auditor should be satisfied about Identify and disclose the RP and Obtain written representation on:
Related Party purpose, nature, extent and effect of RPTs; BOD’s approval of the (1) completeness of information; and
Transaction the RPT. transaction (2) adequacy of disclosure in FS
2. Review of Events occurring between BS date and Inform the auditor of facts (1) Review management’s procedures
Subsequent date of the auditor’s report; and discovered after the date of auditor’s (2) Read MOM of stockholders, directors and
Events Review Facts become known after the report committees
(PSA 560) auditor’s report (not found) (3) Read the entity’s latest interim FS
(4) Obtain a letter of representation
3. Inquiries of Events that may have a material effect List down all the legal issues about (1) Identify existence of L/C/A expense
Client’s Legal on FS L/C (not prepared by attorney) (2) Communicate directly with the entity’s lawyers.
Counsel (3) Corroborates the information furnished by
Letter of Inquiry (sort of confirmation Will serve as the primary source of management thru LoI.
request) –prepared by management, the auditor’s information asking the (4) Inquiry of management including in-house legal
sent by auditor, received by auditor client to send letters of audit inquiry counsel
to lawyers
 4. Performing Overall review of procedures done at (1) Identify unusual fluctuations or transactions
Wrap-up the end of audit that generally cannot (FAP)
Procedures be performed before the other audit (2) Addressing required disclosures
work is complete. (3) Overall review of the audit engagement and
formation of audit opinion
5. Assessing going A/L are recorded on the basis that the (1) assess the ability to continue as (1) Evaluate the appropriateness of the assumption
concern entity will be able to realize its assets a GC; and & adequacy of disclosure.
assumption and discharge its liabilities (2) Its disclosure (2) Identify material uncertainties.
(PSA 570)– (3) Consider if there are conditions that may cast
entity is viewed as continuing significant doubt.
business for foreseeable future. (4) Consider report modifications (extension of
assessment period)
6. Management RL - Management has acknowledged To provide written representations: (1) Confirms the oral representation given by
Representation that it has fulfilled its responsibility for ● Management believes that the management to the auditor
Letter (PSA 580) the preparation and presentation of uncorrected misstatement is (2) Remind management of its primary resp
- These fair financial statements. immaterial (3) Should be addressed to the auditor
complement ● Management has made available (4) Should be dated as of the audit report
audit evidence, If not given, then Scope Limitation (Q all evidence that the team needs (5) Should be signed by the CEO and CFO.
but are not or D) (6) Is not a substitute of other necessary
evidence per se, procedures.
signed by CEO &
CFO

WRITING A MANAGEMENT LETTER

The auditor writes a management letter for two reasons:
a. to encourage a better relationship between the auditor and management
b. to suggest additional tax and management services that the auditor can provide

A management letter is OPTIONAL and there is no standard format or approach for writing management letters.

TYPE OF SUBSEQUENT EVENTS:

Those requiring disclosure (Type II event) - indicative of conditions that arose after.
Those requiring adjustment (Type I event) - evidence of conditions
No adjustments needed. Ex. (1) issuance of bonds, (2) major purchase of business, (3)
that existed at the date of financial statements. Ex. (1) Settlement of
loss on inventory due to fire, (4) loss of plant due to flood (5) loss on uncollectible
litigation and (2) loss on uncollectible accounts.
receivable because of a major catastrophe.
 • Effect of Adjusting Events – FS adjusted, but auditor will keep
original date of report (condition existing before balance sheet
date, but not in subsequent event)
• Requiring disclosure – change date to date of subsequent event
or dual date
o This in effect will make the auditor responsible to the
reliability of the report up to that date.
o Dual Dating and Redating – Done after fieldwork and issue
of Audit Report but before issue of FS. This extends audit
responsibility (Dual Dating is limited to a specific matter, while redating applies when the subsequently discovered fact is pervasive.)

TYPES OF OPINION
UNMODIFIED AUDIT REPORT
ADVERSE
1. Reasonable Assurance of Going concern DISCLAIMER
Inappropriate use of assumption and
2. No Reasonable assurance of going concern and adequately disclosed Multiple Uncertainties
not adequately disclosed
(with emphasis on a matter paragraph)

EVALUATING AUDIT FINDINGS AND PREPARING ADJUSTING ENTRIES LETTERS IN AUDIT

○ Management Accepts Correcting Entries – Unmodified Audit Report
○ Management Refuses Correcting Entries – Qualified or Adverse Opinion
○ Management is unwilling to make or extend its assessment – Qualified or
Disclaimer opinion
IMPORTANT DATES IN AUDIT
○ DATE OF FS – end of the latest period covered by the FS (12/31/2023)
○ DATE OF APPROVAL OF FS – FS are prepared with recognized authorities
(02/05/2024)
○ DATE OF AUDITOR’S REPORT – auditor’s date in accordance with PSA
(02/10/2024)
○ DATE OF FS ISSUANCE – FS are made available to third parties.
● Engagement Letter - contract between client and audit team
● Confirmation Letter - done in ST, to confirm the balance.
● Management Letter - improvements in IC, suggestion to
management
● Letter of Audit Inquiry - corroborate info furnished by
management about L/C
● Management Representation Letter - to emphasize its ultimate
responsibility in the FS.
● Review of Adequacy of disclosure - disclosure checklists
● Check of Working Paper - final checking before archiving

Omitted Procedures:
1. The auditor should assess the importance of the omitted procedure.
2. The auditor determines if there are compensating procedures.
3. If yes, no need for further procedures. If there are none, the auditor shall
undertake to apply the omitted procedures or alternatives.
OVERVIEW OF THE AUDIT PROCESS:
1. Preliminary Engagement (Sept) 4. Test of Controls
o Know its competitors, organizational structure ○ Test the operating effectiveness
o Know its revenue sources ○ Assess control risk
o This process would require evaluation not only of the auditor’s ○ Identify internal control that has direct effect of the FS (I, I, O,
qualification, but also the client’s auditability and integrity. R)
2. Planning (Sept) 5. Substantive Testing (Dec-Mar)
○ Overall audit strategy ○ I, I, O, R, R, C, AP
○ Firm will meet the client ○ Audit balances comparison
○ Audit program on each line item ○ Documentation, referencing and indexing (promotes cross-
○ Set materiality level & set desired level of audit risk referencing and simplify supervisory review)
○ This phase is where the auditor gathers a detailed knowledge ○ Apply sampling
of the client’s business and industry in order to understand i. Sampling technique
the transactions and vents affecting the financial statements. ii. Sampling size
This also involves the initial assessment of risk and materiality iii. Projection to population
3. Understanding Internal Control (Oct-Nov) ○ They are either in the form of Substantive Analytical
○ Design and implementation of walkthrough Procedures, Tests of Details, or Tests of Balances. This
○ Manual of procedures is always required to be performed.
○ Fieldwork 6. Completing the audit (Apr)
○ Know the departments of the client ○ Wrap-up procedures are performed.
○ The consideration of internal control is interwoven into the 7. Issuance of Report
reliability of the records of the entity, and directly affects the ○ states the auditor’s conclusions regarding the fairness
financial statements of the financial statements
○ Post-audit Phase – identify areas for improvement in
the current and future engagement
.
10 FORMING AN OPINION AND AUDITOR’S REPORT
Types of opinions:
1. Unmodified - assured that everything is in accordance with
the FRS (FS is reliable)
2. Qualified - FS is presented fairly, except for “something”.
3. Adverse - misstated, worst opinion
4. Disclaimer - no opinion given
2, 3, & 4 belong to modified opinions.
 Nature of matter Material but NOT pervasive Material AND pervasive

Materially misstated FS
Q A
Going Concern issues
“Except for” “Do not fairly present”
Materiality issues

MODIFIED OPINION Inability to obtain SAAE (SCOPE LIMITATION)

Resign or D*
Management imposed or Q
“No opinion”
“Possible effects” “Except for”
“We do not express an opinion”
Other limitations** Q D
*(1) multiple uncertainties and (2) lacks independence
**unable to determine the amounts associated with NOC acts (REO PW) Disclaimer of opinion – basis of OS
● Material Misstatement/Departure from PFRS ✓ Reference to the section of the auditor’s report
○ Arises from Inappropriate accounting policy used or misapplication thereof Not include: where the auditor’s responsibilities are described.
○ Inadequate or Inappropriate Disclosure ✓ Statement where the audit evidence is sufficient
● Scope Limitations
○ The auditor is prevented by the client or any other forces Description of auditor’s responsibility:
○ If imposed by client, the auditor must request to remove the limitation ✓ To conduct an audit of the entity’s FS
○ May depend on which phase this scope limitation is imposed ✓ Not able to obtain SAAE
■ Earlier, resign; close to completion, disclaim ✓ Auditor’s independence and other ethical requirement
AUDITOR’S RESPONSIBILITY
● DO NOT MODIFY FOR UNQUALIFIED, QUALIFIED, or ADVERSE OPINIONS
● Modification on the Auditor’s Responsibility is only done when there is a DISCLAIMING OPINION

MODIFICATION TO AUDITOR’S REPORT

EMPHASIS OF MATTER PARAGRAPH – doesn’t affect the opinion, just to highlight some of the items, DISCLOSED.
1. Significant Uncertainties, adequately disclosed & accounted for (contingencies, going concern)
2. Early Application of New Accounting Standards in advance of its effective date (IFRS 17)
3. A major catastrophe that has a significant effect on the entity’s FS
4. A subsequent discovery of facts affecting the previously issued opinion.
5. FS prepared using a Special Purpose Framework

OTHER MATTER PARAGRAPH - matter NEITHER PRESENTED NOR DISCLOSED in the FS.
1. Restriction or distribution or use of report
2. If the FS of the prior period were audited by the other auditor.
● The comparative information agrees with the amounts
● The accounting policies are consistent
ELEMENTS OF AUDITOR’S REPORT (TARA Ba KoREA O RESA D)
1. Title 6. Management’s Responsibilities
To clearly indicate that it is a report of independent auditor’s report, Fair presentation of FS in accordance with PFRS: TCWG is
“Independent Auditor’s Report” responsible for overseeing the company.
2. Addressee (Receiver) 7. Auditor’s Responsibilities
Parties whom it is prepared, either SHs or TCWG “Our objectives are to obtain reasonable assurance…”
3. Auditor’s Report 8. Other Reporting Responsibilities
“In our opinion, the accompanying FS present fairly, in all material BIR requirements; legal & regulatory requirements
respects, the FP of the company as of …” 9. Engagement partner’s Name
4. Basis for Opinion (CoE + PSAs) 10. Signature of the auditor
Audit is conducted with PSAS, “we have obtained is Name of the audit firm & auditor, as appropriate`
sufficient/appropriate evidence to provide a basis.” 11. Auditor’s Address
Location in the jurisdiction where the office is
5. Key Audit Matters (omitted if disclaimer is issued)
For audits of complete sets of GPFS of listed companies; Most 12. Date of the Auditor’s Report
significant aspects - discuss why they are significant Date when the fieldwork is completed

CORRESPONDING FIGURES AND COMPARATIVE FINANCIAL STATEMENTS (PSA 710)

CORRESPONDING FIGURES
Amount and other disclosure for the prior period are included.
The auditor’s opinion does not refer to the corresponding figures because the
auditor’s opinion is on the current period financial statements as a whole
including the corresponding figures.
COMPARATIVE FINANCIAL STATEMENTS
amounts or other disclosures included in the financial statements in respect of
one or more prior periods
When comparative financial statements are presented, the auditor’s opinion
shall refer to each period for which financial statements are presented.

If the financial statements of the prior period were audited by a predecessor
auditor and the auditor is permitted by law or regulation to refer to the predecessor
auditor’s report on the corresponding figures and decides to do so, the auditor
shall state in an Other Matter paragraph in the auditor’s report:
• That the FS of the prior period were audited by the predecessor auditor;
• The type of opinion expressed by the predecessor auditor and, if the opinion
was modified, the reasons therefore; and
• The date of that report.
If the financial statements of the prior period were audited by a predecessor
auditor, in addition to expressing an opinion on the current period’s financial
statements, the auditor shall state in an Other Matter paragraph:
• That the financial statements of the prior period were audited by the
predecessor auditor;
• The type of opinion expressed by the predecessor auditor and, if the
opinion was modified, the reasons therefore; and
• The date of that report.

If the prior period financial statements were not audited, the auditor shall state in an Other Matter paragraph in the auditor’s report that the corresponding
figures/comparative financial statements are unaudited.
SPECIAL CONSIDERATIONS—Audits of Financial Statements Prepared in Accordance with Special Purpose Frameworks
Special Purpose Framework - a financial reporting framework designed to meet the financial information of specific users.
1. Apply PSA 700 (Revised) – Forming an Opinion and Reporting on Financial Statements.
2. The auditor’s report shall describe the purpose for which the FS are prepared and, if necessary, the intended users.
3. The auditor’s report on special purpose financial statements shall include an Emphasis of Matter paragraph.

SPECIAL CONSIDERATIONS—Audits of Single Financial Statements and Specific Elements, Accounts or Items of A Financial Statement
1. Apply PSA 700 (Revised), adapted as necessary in the circumstances of the engagement
2. If report on a single financial statement or on a specific element of a financial statement, the auditor shall express a separate opinion for each
engagement.

11 AUDITING IN AN IT ENVIRONMENT
• AN IT ENVIRONMENT exists when a computer of any type or size is involved in the processing by the entity of financial information of significance to
the audit, whether the computer is operated by the entity or by a third party.
• The overall objective and scope of an audit does not change in an IT environment.
• An IT environment may affect:
a. The procedures followed in obtaining a sufficient understanding of the accounting and internal control systems.
b. The consideration of the inherent and control risk.
c. The design and performance of tests of controls and substantive procedures
• If specialized skills are needed, the auditor would seek the assistance of a professional possessing such skills, who may be either on the auditor’s
staff or an outside professional.

Auditor’s responsibility:

Auditor should have Seek the assistance of a Obtain an understanding of the significance Consider IT environment in
sufficient knowledge of the IT professionals possessing such skills and complexity of the IT Activities designing audit procedures

CHARACTERISTICS OF CIS: BENEFITS OF IT RISK OF IT

1. Lack of visible audit trail - paperless 1. Consistent
2. Consistency of performance - CIS function exactly as programmed 2. Timeliness, availability,
3. Concentration of duties - A, R, & C are properly segregated accuracy
4. Ease of access to date & computer programs 3. Additional analysis
5. System-generated transactions 4. Monitor the performance
6. Vulnerability of data & program storage 5. Reduce the risk that controls are
circumvented
Effect on audit: The same on objectives, responsibilities, and stages 6. Effective segregation of duties
1. Inaccurate processing of
data
2. Unauthorized access to data
3. Unauthorized changes to
data, systems and programs
4. Potential loss of data
INTERNAL CONTROL IN IT ENVIRONMENT:
1. GENERAL CONTROLS – to establish a framework of overall control; support the effective functioning of application controls.

Parity check – a bit is added to each Echo check – information transmitted is Diagnostic routines – designed to detect
character stored and retransmitted to the sender hardware malfunctions.

2. APPLICATION CONTROLS – relate to the specific use of the system; operate at a business level.
1. Controls over input – designed to provide reasonable assurance that transactions are
2. Controls over processing and
properly authorized before being processed by computer.
computer data files – designed to
provide reasonable assurance that
transactions are processed accurately.

3. Controls over input – designed to

provide reasonable assurance that
results of processing are accurate and
access to output is restricted to
authorized personnel.

ELECTRONIC DATA INTERCHANGE

1. AUTHENTICATION – controls must exist over the origin, proper submission, and proper
The electronic exchange of transactions, from one’s
delivery of EDI communications to ensure that the EDI messages are accurately sent and
entity’s computer to another entity’s computer through
received to and from authorized customers and suppliers.
an electronic communications network. In Electronic
2. ENCRYPTION – involves conversion of plain text data to cipher text data to make EDI
Fund Transfer (EFT) Systems, for example, electronic
messages unreadable to unauthorized persons.
transactions replace checks as a means of payment.
3. VAN CONTROLS – a value-added network (VAN) is a computer service organization that
EDI controls include:
provide network, storage, and forwarding (mailbox) services for EDI messages.
DISASTER RECOVERY PLANS HISTORICAL AUDIT TECHNIQUES (CAAT)
1. Internally provided back-up (on-site) - separate dept, expansion 1. Test Data – sets a dummy transaction specifically to test the controls if
option operating effectively. The auditor should run the test data on a surprise basis.
2. Externally provided back-up (off-site) - outsourced and back-up 2. Integrated Test Facility – allows fictitious and real transactions to be
a. HOT SITE (Recovery Operating Center) – hardware facilities processed together without client operating personnel being aware of the
are fully configured and ready to operate within several hours. testing process.
b. WARM SITE- not as equipped & riskier, costly 3. Parallel Simulation – the client’s software should generate the same
c. COLD SITE (Empty Shell) - least readily available & least costly exceptions as the auditor’s software; should be ideally performed on a surprise
basis. (most effective)
AUDIT APPROACHES: TEST OF CONTROLS TYPES OF ONLINE COMPUTER SYSTEMS
1. Auditing around the computer - inputs are reconciled with outputs, simple; 1. On-line/Real Time Processing – data are assembled from more
Blackbox approach – we don’t know the inside than one location and records that are updated immediately.
2. Auditing with the computer – the computer is used as an audit tool. 2. On-line/Batch Processing – transactions are entered, subjected to
3. Auditing through the computer (CAAT) - Client’s computer program is being certain validation checks and added to a transaction file during the
audited; Whitebox approach – examine the computer directly period.

12 CODE OF ETHICS FOR PROFESSIONAL ACCOUNTANTS

Revised international code of ethics
for Professional Accountants
International Ethics Standards for
Accountants (IESBA)
A distinguishing mark of the accounting
Implemented by BOA in
profession is the acceptance of its
Philippines
responsibility to the public.

PARTS
Part 1 – Complying with the Code, Fundamental
Principles and Conceptual Framework
Part 2 – Professional Accountants in Business (PAIBs)
Part 3 – Professional Accountants in Public Practice
(PAPPs)
Part 4 – International Independence Standards
APPLICABILITY
• Applicable to all professional accountants.
• Applicable to PAIBs when performing professional activities
• Also applicable to PAPPs when performing professional activities pursuant to their
relationship with the firm, whether as a contractor, employee or owner.
• Applicable to PAPPs when performing professional services
• Part 4A – Independence for Audit and Review Engagements
• Part 4B – Independence for Assurance Engagements other than Audit and Review
Engagements.

Conflicting requirements of Apply the code of ethics with

Code of ethics vs. Laws and regulations Laws and regulations will prevail
two countries stricter requirements
FUNDAMENTAL PRINCIPLES (COBID)
INTEGRITY straightforward and honest, fair-dealing and truthfulness
OBJECTIVITY fair, intellectually honest, free of conflicts
PROFESSIONAL COMPETENCE AND DUE CARE attain and maintain professional knowledge, act diligently in accordance with standards (PSA)
CONFIDENTIALITY respect of confidential information acquired
PROFESSIONAL BEHAVIOR comply with relevant laws/regulations, avoid misconduct that might discredit the profession

Contingent fees are acceptable in non-assurance engagements, Cross border activities – choose the stricter of the two ethical requirements for
but not in assurance. prudence and conservatism.
Advertising - communication to the public to procure Publicity - communication of facts about the PA not designed for the promotion
professional business. NOT ACCEPTABLE. of PA. ACCEPTABLE.

Independence of mind - mental attitude or state of mind Independence in Appearance - from the perspective of 3rd person

THREATS TO COMPLIANCE WITH FUNDAMENTAL PRINCIPLES: (IDENTIFYING)

1. SELF-INTEREST THREATS – there is a financial or other interest.
2. SELF-REVIEW THREAT – PA will appropriately evaluate the results of a
previous judgment made.
3. ADVOCACY THREAT – promoting an assurance client’s position, acting
as an advocate on behalf of an audit client.
4. FAMILIARITY THREAT – too sympathetic to the client’s interests
5. INTIMIDATION THREAT – PA will be deterred from acting objectively
because of actual or perceived pressures.

To eliminate the threats:

Identify the Address (either eliminate
Evaluate the effect
threats or reduce) thru safeguard

TIME-ON PERIOD
Key Audit Personnel are not allowed for a period of 7 cumulative years. After the 7 years time-on, the individual will serve a “cooling-off” period of:
Engagement Partner 5 years
Engagement Professionals (Effective on or before 12/31/2023) 3 years
Other Key Audit Personnel role 2 years
13 RA 9298 THE ACCOUNTANCY LAW
1. OBJECTIVES
2. SCOPE OF PRACTICE
○ Standardization and regulation of
accounting education
○ Examination for registration of CPAs
○ Supervision, control, and regulation
of practice of accountancy in the
Philippines
3. BOARD OF ACCOUNTANCY
○ Chairman + 6 members (total of 7), appointed by the president
○ PICPA submits 5 nominees, narrowed in 3 by PRC, then submit
Public Practice
the recommendation to the president of Ph
Commerce & Industry
○ TERM: 3 years, but no more than 12 years (filling in is for
Academe
unexpired portion only)
Government ○ Grants the license to practice as a CPA
○ Secretary of Justice – will serve as the adviser of PRC and BOA

5. POWERS AND FUNCTIONS

4. QUALIFICATION OF BOA MEMBER
i. Natural-born
ii. CPA with 10 years exp in ANY scope
iii. Good moral character
iv. Do not have pecuniary interest,
directly or indirectly to any university
7. QUALIFICATION OF THE APPLICANTS
○ Filipino Citizen
○ Good moral character (NBI)
○ BSA graduate
○ Not been convicted of any criminal
offense
i. Prescribe and adopt rules 6. GROUNDS FOR SUSPENSION
ii. Supervise the registration &Administer oaths i. Neglect of duty or incompetence
iii. Issue, suspend, revoke or reinstate ii. Violation of toleration of any violation
certificates iii. Final judgements of crimes
iv. Adopt its own seal & prescribe and adopt CoE iv. Manipulation or rigging of results
v. Conduct an oversight into the quality of audits
9. SUCCESSFUL EXAMINEES. Issued with
7. SCOPE OF EXAM (MAS, AUD, TAX, RFBT, FAR, Regulatory Documents (1) certificate of
AFAR) registration and (2) professional
8. RATINGS IN CPALE Identification Card (3 yrs. expiry)
Pass 75% ave, no grade below 65% 10. SUSPENSION AND REVOCATION.
Fail Opposite of pass Reinstatement for 2 years by BOA
Conditional Majority of subs is 75% 11. PENAL PROVISIONS. Fine of not less than
50k or imprisonment of 2 years or both.
ORGANIZATIONS AFFECTING THE PROFESSION
FRSC AASC QRC ETC
Chairman 1 1 1 1 Refresher course:
BOA 1 1 1. Only to accredited by CHED
COA 1 1 2. PR: 10%, at least 10 examinees for at least 5
SEC 1 1 years (10-10-5 rule)
BSP 1 1 3. Renewed every 5 years
BIR 1
Insurance Commission 1
FINEX 1 1
PICPA
Public Practice 2 6 2 1
Commerce and Industry 2 1 1 1
Academe 2 1 1 2
Government 2 1 1 1
TOTAL 16 15 6 6

14 SYSTEM OF QUALITY CONTROL

• Firm responsibility to: DESIGN, IMPLEMENT and OPERATE a system of quality management. This applies to all services fall under the AASC’s
engagement standards. (1) compliance to relevant standards, laws and regulations and (2) issue an appropriate report.
• A system of quality control refers to quality control policies and procedures adopted by CPA. QC policies are the objectives and goals to be achieved.
QC procedures are steps/procedures to be taken.
• The evaluation shall be undertaken as of a point in time and performed at least annually.
• Implemented both at the audit firm level and in individual audits.

COMPONENTS OF SYSTEM OF QUALITY CONTROL [LEAHEMFI]

FRAUD AND ERRORS
Fraud - intentional misstatements while Errors - Unintentional misstatements.

FRAUDULENT FINANCIAL REPORTING MISAPPROPRIATION OF ASSETS

or in general, management fraud or in general, employee fraud
manipulation, falsification, or alteration, misrepresentation or intentional Misappropriating collections of AR, Stealing inventory, using the entity’s
misapplication (there is concealment); when 3P is involved; Failure to assets as collateral
discover is greater here.

Fraud risk factors

The Fraud Triangle

FRAUD PREVENTION – reduce opportunities for fraud FRAUD DETERRENCE – persuade individual to commit fraud

Responsibility in detecting fraud:

AUDITOR
MANAGEMENT & TCWG
with direct effect without direct effect
It is both Management (CEOs) and those Charged with Governance (Board
obtain SAAE regarding understanding specific procedures to
and Committees) to prevent fraud and error, as well as be well within
compliance identify non-compliance
compliance of regulations

Noncompliance - acts which are contrary to the prevailing laws or regulations, commission or omission by individual.
Common examples of non-compliance Result of non-compliance with laws and regulations
(1) Violation of tax laws and environmental laws,
(1) Fines/penalties, (2) Damages (3) Threat of expropriation of assets, (4) Enforced
(2) Occupational safety and health, and
discontinuation of operations, and (5) Litigation
(3) Inside trading of securities
 Responsibility of auditor to compliance Responsibility of the auditor
(1) Understand the nature of the act in which it has occurred and (2) obtain
It is the responsibility of management, with the oversight of TCWG, to
further information to evaluate the possible effects. (3) intent to deceive must
ensure the conduct in accordance with laws and regulations
be established by auditor

COMMUNICATION
● To management: Upon detecting fraud or non-compliance, report to superiors at
least one level higher. Audit procedures:
● To TCWG: Communicate the matter in writing or orally asap; discussing material 1. Auditor
weaknesses in internal control and collusion among the employees; and adjustments a. understands the nature
suggested by auditor (regardless of materiality) b. further information to evaluate the possible effect
● To Regulatory and Enforcement Authorities: The auditor must consult with legal 2. discuss with appropriate level of management
experts and professionals to determine the appropriate course of action if they are 3. seek legal advice
to consider reporting the fraud or non-compliance to the appropriate regulatory 4. evaluate the effect of lack of SAE
entities. Confidentiality may be overridden by statute or by the courts. 5. evaluate the implications
Overall response to fraud risk identified: use less predictable audit procedures

15 OTHER MATTERS IN AUDIT

PHILIPPINE STANDARD ON ASSURANCE ENGAGEMENTS (PSAE)
to establish standards and provide guidance on engagements to examine and report on prospective financial information
PURPOSE
including examination procedures for best-estimate and hypothetical assumptions
PROSPECTIVE FINANCIAL means financial information based on assumptions about events that may occur in the future and possible actions by an
INFORMATION entity.
FORECAST means prospective financial information prepared on the basis of assumptions as to future events
prospective financial information prepared on the basis of (1) hypothetical assumptions about future events or (2) A mixture
PROJECTION
of best-estimate and hypothetical assumptions.
the auditor would consider (1) the intended use of the information, (2) Whether the information will be for general or limited
ACCEPTANCE OF
distribution, (3) The nature of the assumptions, (4) The elements to be included in the information and (5) The period covered
ENGAGEMENT
by the information.
It is in the interests of both entity and auditor that the auditor sends an engagement letter to help in avoiding
AGREEMENT
misunderstandings regarding the engagement.
The auditor should not accept, or should withdraw from, an engagement when the assumptions are clearly unrealistic or
WITHRAWAL
when the auditor believes that the prospective financial information will be inappropriate for its intended use.
16 TRANSACTION CYCLES
TRANSACTION CYCLES – are the means through which an accounting system process transactions of related activities such as:
acquisition of merchandise and payment to employees for services they
sale of goods to customers production of finished products for sale
payment to vendors had rendered

CATEGORIES

ENTITY’S RESPONSIBILITIES
To design and implement appropriate set of policies,
procedures, forms and integrated controls for each of these
transaction cycles to minimize opportunities for fraudulent
activities.
AUDITOR’S OBJECTIVE
To obtain an understanding of these cycles sufficient to plan
the audit and develop an effective and efficient audit approach;
to determine the reliability of financial reporting and to
determine the fairness of presentation in accordance with
applicable financial reporting framework.